#!/usr/bin/perl

# Copyright (c) 2003-2013
# Distributed Systems Software.  All rights reserved.
# $Id: dacs_pam_handler.in 2618 2013-01-22 17:08:36Z brachman $

# This is a very rudimentary PAM handler for DACS to be used for
# demonstration and testing purposes.  It is not intended for production
# use, but if you understand what is going on you should be able to write
# something better without much effort.
#
# To try this, copy it to a cgi-bin area and make it executable.
# If you want it to be DACS-wrapped (unnecessary but always a good idea),
# add a custom access control rule for it.
# Remove the copy when you are done with it.
# 
# Refer to the description of PAM_HANDLER_URL in the local_pam_authenticate
# section of dacs_authenticate(8) for details.

use CGI;

$q = new CGI;

$service = $q->param("service");
$auth_transid = $q->param("AUTH_TRANSID");
$auth_prompt_var_prefix = $q->param("AUTH_PROMPT_VAR_PREFIX");
$css_path = $q->param("CSS_PATH");

$dacs_version = $q->param("DACS_VERSION");
$dacs_jurisdiction = $q->param("DACS_JURISDICTION");
$dacs_browser = $q->param("DACS_BROWSER");
$enable_auth_handlers = $q->param("ENABLE_AUTH_HANDLERS");

print "Content-type: text/html\n\n";
print "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n";
print "<html><head><title>DACS PAM Handler</title>\n";
print "<link rel=\"stylesheet\" href=\"$css_path/local_pam_authenticate.css\" type=\"text/css\">\n";
print "</head><body>\n";

print "<p>\n";
print "<form action=\"$service\">\n";

$i = 1;
$type_name = "TYPE" . $i;
while (defined $q->param($type_name)) {
    $label_name = "LABEL" . $i;
    $name_name = "NAME" . $i;
	$type_val = $q->param($type_name);
	$label_val = $q->param($label_name);
	$name_val = $q->param($name_name);

	if ($type_val eq "error") {
		print "<span class=\"error_label\">$label_val</span>";
	}
	else {
		print "<span class=\"prompt_label\">$label_val</span>";
	}
	print "&nbsp;&nbsp;";

	if ($type_val eq "text" || $type_val eq "password") {
		print "<input type=\"$type_val\" name=\"$name_val\">";
	}
	print "<br>\n";

	$type_name = "TYPE" . ++$i;
}

print "<input type=\"hidden\" name=\"AUTH_TRANSID\" value=\"$auth_transid\">";
print "<br>\n";
print "<input type=\"hidden\" name=\"DACS_VERSION\" value=\"$dacs_version\">";
print "<br>\n";
print "<input type=\"hidden\" name=\"DACS_JURISDICTION\" value=\"$dacs_jurisdiction\">";
print "<br>\n";
print "<input type=\"hidden\" name=\"DACS_BROWSER\" value=\"$dacs_browser\">";
print "<br>\n";
print "<input type=\"hidden\" name=\"ENABLE_AUTH_HANDLERS\" value=\"$enable_auth_handlers\">";
print "<br>\n";
print "<input type=\"submit\" value=\" Submit \">\n";
print "</form>\n";

print "</body></html>\n";

exit 0;
